Don't crash when password is unset for user, just deny login

author Jean-Michel Nirgal Vourgère <jmv@nirgal.com>

Mon, 18 Apr 2011 15:38:01 +0000 (15:38 +0000)

committer Jean-Michel Nirgal Vourgère <jmv@nirgal.com>

Mon, 18 Apr 2011 15:38:01 +0000 (15:38 +0000)
author Jean-Michel Nirgal Vourgère <jmv@nirgal.com>
Mon, 18 Apr 2011 15:38:01 +0000 (15:38 +0000)
committer Jean-Michel Nirgal Vourgère <jmv@nirgal.com>
Mon, 18 Apr 2011 15:38:01 +0000 (15:38 +0000)
diff --git a/bin/djais/models.py b/bin/djais/models.py

index 115d402555c6d0831dc65297b479ffd2e5cf8ea4..be413912a2734860e3c0b2b189d72bf15a3fedf9 100644 (file)
--- a/bin/djais/models.py
+++ b/bin/djais/models.py
@@ -50,7 +50,10 @@ class User(models.Model):
          self.info('Password changed') # FIXME
  
      def check_password(self, raw_password):
-        algo, salt, hsh = self.password_hash.split('$')
+        password_hash = self.password_hash
+        if not password_hash:
+            return False
+        algo, salt, hsh = password_hash.split('$')
          return hsh == get_hexdigest(algo, salt, raw_password)
author	Jean-Michel Nirgal Vourgère <jmv@nirgal.com>
	Mon, 18 Apr 2011 15:38:01 +0000 (15:38 +0000)
committer	Jean-Michel Nirgal Vourgère <jmv@nirgal.com>
	Mon, 18 Apr 2011 15:38:01 +0000 (15:38 +0000)